{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25347", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-02T12:52:42.958Z", "datePublished": "2026-03-25T16:14:43.153Z", "dateUpdated": "2026-03-25T20:13:21.712Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "wp-rest-cache", "product": "WP REST Cache", "vendor": "Acato", "versions": [{"changes": [{"at": "2026.1.1", "status": "unaffected"}], "lessThanOrEqual": "<= 2026.1.0", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Nguyen Ba Khanh | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:22.049Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Acato WP REST Cache wp-rest-cache allows Stored XSS.<p>This issue affects WP REST Cache: from n/a through <= 2026.1.0.</p>"}], "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Acato WP REST Cache wp-rest-cache allows Stored XSS.This issue affects WP REST Cache: from n/a through <= 2026.1.0."}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "Stored XSS"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:43.153Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/wp-rest-cache/vulnerability/wordpress-wp-rest-cache-plugin-2026-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "title": "WordPress WP REST Cache plugin <= 2026.1.0 - Cross Site Scripting (XSS) vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25347", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-25T20:11:44.223835Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T20:13:21.712Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25347", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-25T20:11:44.223835Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T20:06:41.836Z"}}], "cna": {"title": "WordPress WP REST Cache plugin <= 2026.1.0 - Cross Site Scripting (XSS) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Nguyen Ba Khanh | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "Stored XSS"}]}], "affected": [{"vendor": "Acato", "product": "WP REST Cache", "versions": [{"status": "affected", "changes": [{"at": "2026.1.1", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "<= 2026.1.0"}], "packageName": "wp-rest-cache", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T17:12:22.049Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/wp-rest-cache/vulnerability/wordpress-wp-rest-cache-plugin-2026-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Acato WP REST Cache wp-rest-cache allows Stored XSS.This issue affects WP REST Cache: from n/a through <= 2026.1.0.", "supportingMedia": [{"type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Acato WP REST Cache wp-rest-cache allows Stored XSS.<p>This issue affects WP REST Cache: from n/a through <= 2026.1.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:43.153Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25347", "state": "PUBLISHED", "dateUpdated": "2026-03-25T20:13:21.712Z", "dateReserved": "2026-02-02T12:52:42.958Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:43.153Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Acato WP REST Cache wp-rest-cache allows Stored XSS.This issue affects WP REST Cache: from n/a through <= 2026.1.0."}], "id": "CVE-2026-25347", "lastModified": "2026-03-25T21:16:34.340", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:45.490", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/wp-rest-cache/vulnerability/wordpress-wp-rest-cache-plugin-2026-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-03-25T18:04:19.805013+00:00", "value": {"mitigation_remediation": ["Update the WP REST Cache plugin to a version newer than 2026.1.0", "If an update is not possible, deactivate or uninstall the plugin to eliminate the attack surface", "Verify that no malicious scripts are present in posts or pages that may have been injected through the plugin", "Implement a content security policy that blocks inline scripts to mitigate potential impact in the event of residual content"], "summary": {"action": "Patch", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "Any WordPress site installing the WP REST Cache plugin from Acato, version 2026.1.0 or earlier, is susceptible regardless of WordPress core version. The flaw exists across all configurations where the plugin is active and accepts input that is stored in the database and later displayed.", "description_and_impact": "The vulnerability occurs when Acato WP REST Cache fails to properly neutralize user input during web page generation, allowing attacker's scripts to be stored and later executed every time a page renders. Users affected by the flaw could experience cookie theft, session hijacking, content injection, or defacement of the site, depending on the privileges the attacker achieves. The weakness maps to the Common Weakness Enumeration CWE\u201179.", "risk_and_exploitability": "No CVSS score is provided, but a stored XSS typically permits a remote attacker to run arbitrary JavaScript in the context of site visitors, which can lead to non\u2011trivial confidentiality, integrity, and availability impacts. Since EPSS is not reported and the vulnerability is not listed in the CISA KEV catalog, editors should treat the risk as moderate to high until a patch is applied. The attack likely requires a user\u2011controlled value to be inserted via the plugin\u2019s interface and then prompting page rendering, making the exploit feasible against publicly reachable sites with the plugin enabled."}}}}, "created": "2026-03-25T21:45:04.443214+00:00", "updated": "2026-03-25T21:45:04.443242+00:00", "vendors": []}